CVE-2022-43873IBM Spectrum Virtualize vulnerability

3 documents3 sources
Severity
8.8HIGHNVD
CNA6.3
EPSS
0.5%
top 33.67%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
IBM Spectrum Virtualize
Timeline
PublishedFeb 22

Description

An authenticated user can exploit a vulnerability in the IBM Spectrum Virtualize 8.2, 8.3, 8.4, and 8.5 GUI to execute code and escalate their privilege on the system. IBM X-Force ID: 239847.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

CVEListV5ibm/spectrum_virtualize8.2, 8.3, 8.4, 8.5
NVDibm/spectrum_virtualize4 versions+3

🔴Vulnerability Details

2
GHSA
GHSA-2r68-q5wj-6hmg: An authenticated user can exploit a vulnerability in the IBM Spectrum Virtualize 82023-02-22
CVEList
IBM Spectrum Virtualize privilege escalation2023-02-22
CVE-2022-43873 — IBM Spectrum Virtualize vulnerability | cvebase